Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1758064AbbGHTAn (ORCPT <rfc822;w@1wt.eu>);
	Wed, 8 Jul 2015 15:00:43 -0400
Received: from mail-wi0-f173.google.com ([209.85.212.173]:32961 "EHLO
	mail-wi0-f173.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751479AbbGHTAf (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Wed, 8 Jul 2015 15:00:35 -0400
Date: Wed, 8 Jul 2015 21:00:30 +0200
From: Ingo Molnar <mingo@kernel.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Shuah Khan <shuahkhan@gmail.com>, Ming Lei <ming.lei@canonical.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Shuah Khan <shuahkh@osg.samsung.com>
Subject: Re: Linux 4.2-rc1
Message-ID: <20150708190030.GA26346@gmail.com>
References: <CA+55aFxmm7THBsCK62esr=JCcHpn6nmReGKqPp0inUrhbkveuA@mail.gmail.com>
 <CAKocOOM0-uce9kUzprCW9M48_G2OTV-eWgPe4euht2qY8FdA3A@mail.gmail.com>
 <CA+55aFy-iZ2g8xKZW---LgUHaVMbqLZ_oadw=Vbg0g78dfH9PA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CA+55aFy-iZ2g8xKZW---LgUHaVMbqLZ_oadw=Vbg0g78dfH9PA@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 4397
Lines: 94


* Linus Torvalds <torvalds@linux-foundation.org> wrote:

> On Wed, Jul 8, 2015 at 9:32 AM, Shuah Khan <shuahkhan@gmail.com> wrote:
> >
> > I am seeing the following NULL pointer dereference on my test system:
> >
> > [    3.640599] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080
> > [    3.640609] IP: [<ffffffff814f1463>] firmware_uevent+0x23/0x80
> 
> Decoding the "Code:" line shows that this is the "->fw_id" dereference in
> 
>         if (add_uevent_var(env, "FIRMWARE=%s", fw_priv->buf->fw_id))
>                 return -ENOMEM;
> 
> and that "fw_priv->buf" pointer is NULL.
> 
> However, I don't see anything that looks like it should have changed
> any of this since 4.1.
> 
> Adding the appropriate firmware people to the cc.

Btw., FWIW, a couple of days ago I started seeing a similar crash pattern when I 
updated my randconfig testing system to v4.2-rc1:

cfg80211: Kicking the queue
cfg80211: Exceeded CRDA call max attempts. Not calling CRDA
BUG: unable to handle kernel NULL pointer dereference at 0000000000000080
IP: [<ffffffff81b5e978>] firmware_uevent+0x1a/0xae
PGD 0 
Oops: 0000 [#1] SMP 
CPU: 1 PID: 1 Comm: swapper/0 Not tainted 4.2.0-rc1-01514-g4a704ed-dirty #411
Hardware name: System manufacturer System Product Name/A8N-E, BIOS ASUS A8N-E ACPI BIOS Revision 1008 08/22/2005
task: ffff88003d4f0000 ti: ffff88003d4f8000 task.ti: ffff88003d4f8000
RIP: 0010:[<ffffffff81b5e978>]  [<ffffffff81b5e978>] firmware_uevent+0x1a/0xae
RSP: 0018:ffff88003d4fba38  EFLAGS: 00010202
RAX: 0000000000000000 RBX: ffff88003ac05668 RCX: 0000000000000003
RDX: 0000000000000001 RSI: ffffffff83822d1a RDI: ffff88003ac05668
RBP: ffff88003ae68008 R08: 000000003ac057f4 R09: 000000010013ffff
R10: ffffffffffffffff R11: ffffffff84f831e0 R12: ffff88003ae68018
R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff838947a7
FS:  0000000000000000(0000) GS:ffff88003fd00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000080 CR3: 0000000003a50000 CR4: 00000000000006a0
Stack:
 0000000000000003 ffff88003ac05668 ffff88003ae68008 ffffffff81b4a0fa
 ffff88003d50e1a8 00000000fffffffe ffffffff838947a7 0000000000000002
 000000003ac057e1 ffff88003ac05668 ffff88003ae68018 ffffffff831606f0
Call Trace:
 [<ffffffff81b4a0fa>] ? dev_uevent+0x284/0x312
 [<ffffffff81721d70>] ? kobject_uevent_env+0x304/0x54b
 [<ffffffff810efa3d>] ? do_raw_spin_lock+0x30/0x5e
 [<ffffffff81b49cc2>] ? device_del+0x287/0x2c5
 [<ffffffff81b5fdda>] ? _request_firmware+0x71b/0xca2
 [<ffffffff8197a961>] ? r100_cp_init+0x254/0x692
 [<ffffffff8197ef71>] ? r300_startup.constprop.0+0x2da/0x36b
 [<ffffffff8197f534>] ? r300_init+0x2e9/0x3a9
 [<ffffffff8193a451>] ? radeon_device_init+0xbf1/0xe95
 [<ffffffff8193cf1c>] ? radeon_driver_load_kms+0x10f/0x24c
 [<ffffffff818e83fc>] ? drm_dev_register+0xec/0x19b
 [<ffffffff818eae62>] ? drm_get_pci_dev+0x1d0/0x2d2
 [<ffffffff81764fc7>] ? local_pci_probe+0x34/0xa2
 [<ffffffff81765b4e>] ? pci_device_probe+0x131/0x187
 [<ffffffff81b4e21a>] ? driver_probe_device+0x160/0x3a8
 [<ffffffff81b4e500>] ? __driver_attach+0x9e/0xd4
 [<ffffffff81b4e462>] ? driver_probe_device+0x3a8/0x3a8
 [<ffffffff81b4c326>] ? bus_for_each_dev+0x89/0x9b
 [<ffffffff81b4cdc9>] ? bus_add_driver+0x151/0x2ee
 [<ffffffff81b4f24d>] ? driver_register+0xe8/0x147 
 [<ffffffff84e32e71>] ? r128_init+0x1f/0x1f
 [<ffffffff84dc54f5>] ? do_one_initcall+0x11e/0x25b
 [<ffffffff810cc1af>] ? parse_args+0x327/0x414 
 [<ffffffff84dc574c>] ? kernel_init_freeable+0x11a/0x1dc 
 [<ffffffff84dc4994>] ? initcall_blacklist+0xc1/0xc1
 [<ffffffff82e90a01>] ? rest_init+0x75/0x75
 [<ffffffff82e90a07>] ? kernel_init+0x6/0x14c
 [<ffffffff82ecd1df>] ? ret_from_fork+0x3f/0x70
 [<ffffffff82e90a01>] ? rest_init+0x75/0x75
Code: c7 c6 3d 7f 80 83 31 c0 e8 f3 c8 bc ff 5a 48 98 c3 55 48 89 fd 53 48 89 f3 48 c7 c6 1a 2d 82 83 51 48 8b 87 90 02 00 00 48 89 df <48> 8b 90 80 00 00 00 31 c0 e8 c9 2f bc ff 85 c0 0f 95 c0 0f b6 
RIP  [<ffffffff81b5e978>] firmware_uevent+0x1a/0xae
 RSP <ffff88003d4fba38>
CR2: 0000000000000080 
---[ end trace 3ab09bb9b953b39a ]---

Haven't had the time to dig into it yet.

Thanks,

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/